CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-4295 – Mali GPU Kernel Driver allows improper GPU memory processing operations
https://notcve.org/view.php?id=CVE-2023-4295
07 Nov 2023 — A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. Un usuario local sin privilegios puede realizar operaciones inadecuadas de procesamiento de la memoria de la GPU para obtener acceso a la memoria ya liberada. Arm Mali CSF has a refcount overflow bugfix in r43p0 that was misclassified as a memory leak fix. • https://packetstorm.news/files/id/176109 • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2023-33059 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33059
07 Nov 2023 — Memory corruption in Audio while processing the VOC packet data from ADSP. Corrupción de la memoria en Audio mientras se procesan los datos del paquete VOC desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-47360
https://notcve.org/view.php?id=CVE-2023-47360
07 Nov 2023 — Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length. • https://0xariana.github.io/blog/real_bugs/vlc/mms • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2023-32836
https://notcve.org/view.php?id=CVE-2023-32836
06 Nov 2023 — In display, there is a possible out of bounds write due to an integer overflow. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5849 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2023-5849
01 Nov 2023 — Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21375
https://notcve.org/view.php?id=CVE-2023-21375
30 Oct 2023 — In Sysproxy, there is a possible out of bounds write due to an integer underflow. • https://source.android.com/docs/security/bulletin/android-14 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21371
https://notcve.org/view.php?id=CVE-2023-21371
30 Oct 2023 — In Secure Element, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/docs/security/bulletin/android-14 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21370
https://notcve.org/view.php?id=CVE-2023-21370
30 Oct 2023 — In the Security Element API, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/docs/security/bulletin/android-14 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46246 – Integer Overflow in :history command in Vim
https://notcve.org/view.php?id=CVE-2023-46246
27 Oct 2023 — Causing an Integer Overflow and potentially later an use-after-free. • https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5753 – Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem
https://notcve.org/view.php?id=CVE-2023-5753
24 Oct 2023 — Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c Posibles desbordamientos del búfer en el subsistema Bluetooth debido a afirmaciones deshabilitadas en /subsys/bluetooth/host/hci_core.c Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-191: Integer Underflow (Wrap or Wraparound) •